Vulnerability Description
e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code through the URL parameter that gets executed when users click outside the comment field after typing content. The second vulnerability involves an upload restriction bypass for authenticated administrators, allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature. This results in stored XSS when the uploaded SVG files are accessed. These vulnerabilities were discovered by Hubert Wojciechowski and affect the news.php and image.php components of the CMS.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| E107 | E107 | 3.2.1 |
Related Weaknesses (CWE)
References
- https://e107.org/Product
- https://e107.org/downloadProduct
- https://www.exploit-db.com/exploits/50910ExploitThird Party AdvisoryVDB Entry
- https://www.vulncheck.com/advisories/e-cms-reflected-xss-via-comment-flowThird Party Advisory
- https://www.exploit-db.com/exploits/50910ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2022-50905?
CVE-2022-50905 is a vulnerability with a CVSS score of 9.8 (CRITICAL). e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when au...
How severe is CVE-2022-50905?
CVE-2022-50905 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-50905?
Check the references section above for vendor advisories and patch information. Affected products include: E107 E107.